OpenX Blog

We were sorry to hear that the folks at Perl.com were hacked into last weekend and that their website visitors were redirected to a porn site. The method of attack highlights the risks associated with displaying third party content on your websites. This is something which all website owners should take a moment to consider.

After some analysis, it turned out that none of the servers involved were actually compromised. The hacker simply registered a domain (grepblogs.net) which had recently expired and set up a new server to replace the web services it was providing, including an Openads ad server.

Perl.com had a Javascript ad tag from the grepblogs.net domain name. The hacker proceeded to change the function of the Openads Javascript tag and redirect visitors to a different website.

I am confident that the people running Perl.com have taken every security precaution, their site is probably one of the more secure sites on the net. This type of hack demonstrates that while there was no compromise of the Perl.com servers, a compromise of a related server (or a domain takeover!) which serves content on the Perl.com site can be just as serious.

Note that the fact that this happened does not mean that either Perl.com OR Openads had any security vulnerability. It happened because sites now have lots of content being served by many different domains. For example, the content on the Techcrunch website is being delivered by over TWENTY domain names! If one of these domains gets hacked into, Techcrunch is at risk.

Is there a security standard for this type of web content delivery? There needs to be. Openads gets served on over 30,000 publishers, across 100,000+ domains. Many of those domains come from third parties.

This is not a problem specific to ad servers. Widget makers, analytics providers, and many other applications which use third party tags or domains are equally vulnerable. We all need to get together and discuss how problems like what happened to Perl.com can be eliminated, or at least minimised.

I will discuss with some other people who have experience in the field and send a follow up blog to continue this discussion.

Hot on the heels of our funding and private beta announcements last week, we just found out we’ve been selected as one of the OnMedia 100 winners. The OnMedia award winners are selected by industry experts which makes it all the more exciting.

It’s always nice to get recognition from the industry, and we’re delighted to have made the final list. But more important to us is to make sure we’re doing all we can to help publishers make more from online advertising. Our latest initiative, the hosted private beta programme has received a huge response but we won’t stop there. What else what you like to see us work on?

It’s only been one day since we announced a hosted version of Openads and we have already received an overwhelming response from around the world including registrations from 30 countries!

I have been spending a lot of time speaking to publishers about their needs, one publisher in NYC told me:

My ad serving bill is the only bill I get where I shudder before opening it.

Hopefully, with the new hosted version of Openads, he and the thousands of other publishers who pay for ad serving will no longer have this anxiety.

We are thrilled with the fantastic response that we have had already, and appreciate everyone’s patience while we continue to build out this very popular and important new service.

Thanks,
Scott

Today we announced a version of our ad server that is hosted. What this means is that a publisher will have the option to use Openads without downloading and installing on their own web server. This will be useful for small publishers, who do not have the time, money, or expertise to use the downloaded version. Equally, large publishers may prefer a hosted version of Openads if they do not want to configure a server cluster that will handle large amounts of traffic.

Obviously this is a gigantic effort - there are more websites using Openads than all other ad servers combined. If even a small percentage of our community chooses a hosted version rather than a downloaded version, we will be serving billions of ads per day. The planning involved with this has been in the works for months.

What does this mean for publishers?

• Choice. Publishers will now be able to choose between a downloaded and hosted version of our ad server. Openads will continue to provide a download version of our ad server.
• Open. Openads will continue to be open source, licensed under the GPL.
• Free. Both the downloaded and hosted version of Openads will be FREE.

We are starting to roll out our hosted product at the end of January. During the first couple of months, the service will be in private beta, and we will be opening the beta to more and more publishers throughout 2008. If you would like to sign up for the private beta process, please sign up here.

Please realise that it will take some time for us to roll out the beta across our entire community. I encourage you to continue to download and install Openads - we will keep you up to date and invite you to join in with beta testing as soon as we are able.

I cannot emphasise enough how much I appreciate our team’s effort in preparing for a hosted version. I also thank everyone in the Openads community for using Openads, and for continuing to give us feedback so we can make our products better.

Thanks,
Scott

–
Related articles:
Openads announces $15.5M funding and a free hosted ad server

There’s quite a buzz at Openads today. The reason? We just told the world 2 big pieces of exciting news:

Firstly, we have a great new investor in our company. Accel Partners in the USA have led our $15.5m Series B financing, supported by our existing investors. We’ve got to know Andrew and the Accel team well over the past few months, and they share our belief in the potential of open source software and a big, global community to help publishers to make more from online advertising.

Secondly, we’re also able to use some of that new investment straight away to deliver one of the most requested features from our community – a hosted version of their favourite ad serving software! This will make Openads easier to use and manage - both for existing Openads users, plus new publishers interested in taking back control of their online ad inventory. If you’d like to take part in beta testing or keep in touch with new developments please register here.

This is great news for the Openads Community. By adding a hosted version along side our great open source ad server we can grow the Openads Community and the additional funding will go a long way to improving the product you know and love.

Let us know what you think! We’re keen to get your thoughts…

–
Related articles
Hosted Version of Openads! (By Scott Switzer)

We have prepared a new patch release of Openads 2.4 which includes bug fixes, security enhancements and new database pruning techniques.

A big thanks to everyone in the Openads community who helped identify and resolve issues in this release.

Find out more in the release notes or download the latest release of Openads today.

E-consultancy are getting into the spirit of the New Year with some predictions about the future of the web in 2008. There are some insightful predictions which will be of interest to people involved online advertising:

1. Behavioural targeting will become more widespread - and something which is expected
2. Local search marketing and advertising platforms can expect growth
3. Internet advertising will overtake radio advertising in the US
4. Fear of recession will shift advertising budgets to online media
5. Video gains ground as a popular advertising medium
6. Social networks advertising becomes scalable

And our favourite, Openads gets a mention in relation to their prediction that “Open Source will continue to dominate“… we certainly hope so!

What are you predictions for 2008?

–
Resources:
Ten digital trends to watch out for in 2008 (E-consultancy)

Using a PHP accelerator can greatly improve the performance of your PHP applications and the OpenX ad server is no exception. Installing a PHP accelerator is likely to improve OpenX performance more than any other single tuning technique.

We recently heard from Xuk, an OpenX publisher, who serves around 210 million impressions a month. Xuk’s ad server was showing signs of heavy load. As a result he decided to try installing an open source PHP accelerator and was kind enough to post some performance benchmarks of his ad server before and after installing a PHP accelerator.

As you can see from Xuk results, adding the PHP accelerator made a big difference. Requests per second are up from 28 per second to 88 per second whilst the system load is down 3.6 to 2.0. In our experience, Xuk’s results are pretty typical. We recommend OpenX publishers use a PHP accelerator to ensure they are getting the most out their existing hardware.

Thanks Xuk, this is a good reminder for OpenX publishers everywhere.

What’s your experience?
Have you experimented with using a PHP accelerator? Did you see similar results? Which PHP accelerator would you recommend and what performance gains would you expect?

–
Related links:

• PHP Cache website
• eAccelerator website
• Key Performance Tuning Techniques for OpenX

Now is your last chance to vote for Openads as the 2007 Best international start-up.

“The 2007 Crunchies recognize and celebrate the most compelling startups, internet and technology innovations of the year. The Crunchies is a collaboration project between GigaOm, Read/WriteWeb, VentureBeat and TechCrunch. Best of all, the internet community is invited to choose who wins.”

We’re up against some other great start-ups including Atlassian, Gizmoz, MusicShake and Netvibes in the category of Best international start-up. You will decide the winner. But act quickly, voting is about to a close.

Now is your last chance to help Openads win this exciting new award: Vote for Openads today!

–
Related posts:
Openads Nominated for Best International Start-up

We’ve completed the maintenance work. The Openads Community Forum is back up and running.

Thanks for your patience.

– The Openads Team

The Openads Community Forum will be available in read-only mode this morning while we’re undertaking some maintenance work. We expect the work will be completed in the next few hours.

We apologise for any inconvenience and will do our best to have everything up and running as soon as possible.

We will update this blog post to confirm that the work has been completed successfully.
– The Openads Team